The hidden cyber threat leaving you and your business at risk

In April 2015, a group of researchers from the Singapore University of Technology and Design flew a smartphone-equipped drone up to the 30th floor of an office building and waited. Loaded on the phone was an app that scanned the office's wireless network for an open printer then mimicked it, forcing local computers to connect to the phone instead. Intercepted documents were copied onto a Dropbox account and the file passed along to the real printer for output. The office workers were none the wiser.

A month earlier a cyberattack of more malicious intent by the notorious hacker, Weev, resulted in a stream of racist fliers being spewed out of the printers across 12 US universities. The January before, an unidentified hacker held a large Danish paint wholesaler to ransom by entering their network through a printer and locking the entire thing down.

More than 90 per cent of enterprises, surveyed by IT analysts Quocirca, reported experiencing at least one data loss through unsecured printing. The financial consequences are significant - on average, the total cost per data breach amounted to $7.7M throughout 2015, according to the Ponemon Institute. This institute also found that while 64 per cent of IT managers believe their printers are likely infected with malware, 56 per cent of enterprise companies ignore printers in their security strategy.

But while much of the sector may still be waking up to the threat, HP has been working to build the world's most secure printers, ever since the launch of Secure Encrypted Printing in 2011 and Access Control Secure Pull Printing the year after that.

“We see print as part of the wider security infrastructure for any organisation and an area that mainstream cybersecurity has neglected,” says HP's print security advisor for EMEA, Paul Mckiernan. “When I point out that printers have a minimum 320GB hard drive and active firmware, that they're an entry and exit point for your network with access to email servers and they probably have as big an attack surface as your average server in a data centre,” he explains. “Then I get some dropped jaws.”

Read next

Technology is being re-invented in Europe. These entrepreneurs are leading the charge

In partnership with Promotions

The latest layer, announced last year and included in new HP printer models, consists of three systems: Sure Start, Intrusion Detection, and Whitelisting, which work together to ensure total printer security from start to finish. At every boot cycle the HP Sure Start system validates the integrity of the printer's firmware, and, if a compromised version is detected, restarts the device, wipes the firmware and replaces it using a safe, “golden copy” of the BIOS. “That's a physically and logically protected, copy,” explains Mckiernan, “It's read only, you can't write to it.”

During application installation, Whitelisting checks that any firmware or application installation is digitally signed by HP to ensure only authentic, and un-tampered with firmware is loaded into memory. If the system detects an anomaly, the device reboots to a secure, offline state. "One thing printers have over PCs is this ability to whitelist every single application that gets installed," Mckiernan says, "If you're using a PC, the average person can be downloading multiple applications on a daily basis, which isn't the case with a printer."

Throughout the entirety of a printer's operation HP Intrusion Detection, the first behavioural anti-malware solution to be implemented in a printer, tracks the system's processes for anomalies that might signal a potential attack. "This is running all the time that your printer is functioning, monitoring the software's behaviour," explains Mckiernan. "If it sees anything unexpected, for example if a hacker has managed to inject malicious code into firmware that has been white-listed, then it wipes the firmware and re-boots."

After any reboot has occurred, the HP JetAdvantage Security Manager automatically assesses and remediates the device security settings to comply with pre-established policies. "To the user, it just looks like a normal re-boot and they can carry on working," explains Mckiernan. But the printer will send a syslog message to the Security Information and Event Management system (SIEM) with a critical level of importance."

So the average office worker may be not be aware of the potential cyber threat hidden under their desk, or tucked away in a backroom - but with HP's security suite, they don't need to be. After all, what could be more secure than a printer fleet capable of looking after itself?